package edu.gduf.shiro;

import edu.gduf.domain.User;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.subject.Subject;
import org.apache.shiro.web.filter.authc.FormAuthenticationFilter;
import org.apache.shiro.web.util.WebUtils;

import javax.servlet.ServletRequest;
import javax.servlet.ServletResponse;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpSession;

/**
 * Form-login filter that, once authentication has succeeded, copies selected fields of the
 * authenticated {@link User} into the servlet session before continuing with the default
 * post-login handling.
 */
public class CustomFormAuthenticationFilter extends FormAuthenticationFilter {

    /**
     * Publishes the logged-in user's {@code uid}, {@code username}, {@code type} and
     * {@code photo} as session attributes, then delegates to {@code super.onLoginSuccess}.
     *
     * <p>NOTE(review): this method reuses whatever session the request already carries and
     * does not change its id. Whether the session id is rotated on login elsewhere
     * (session-fixation protection) is not visible from this class; confirm.
     *
     * <p>NOTE(review): {@code type} is snapshotted at login time. If later access decisions
     * read this attribute instead of asking the {@link Subject}, a change to the user's type
     * would presumably not take effect until the next login; verify against the callers.
     *
     * @param token    the token that was submitted for the login attempt
     * @param subject  the subject that has just been authenticated
     * @param request  the incoming servlet request
     * @param response the outgoing servlet response
     * @return whatever {@code super.onLoginSuccess} returns
     * @throws Exception if the parent implementation fails
     */
    @Override
    public boolean onLoginSuccess(AuthenticationToken token, Subject subject, ServletRequest request, ServletResponse response) throws Exception {
        // The primary principal is expected to be the application's User object;
        // the cast fails with ClassCastException if the realm supplied something else.
        final User principal = (User) subject.getPrincipal();

        // getSession() returns the request's current session, creating one if none exists.
        final HttpSession httpSession = WebUtils.toHttp(request).getSession();

        // Cache the user's details in the session.
        httpSession.setAttribute("uid", principal.getUid());
        httpSession.setAttribute("username", principal.getUsername());
        httpSession.setAttribute("type", principal.getType());
        httpSession.setAttribute("photo", principal.getPhoto());

        // Hand over to the default behaviour of the parent filter.
        return super.onLoginSuccess(token, subject, request, response);
    }
}
